Refactor the all code to add an orchestrator and be more scalable

Fix few bugs
Add debugs and verbose logs

Author: nodauf

src/adfs/brute.go

@@ -1,8 +1,9 @@
 package brute
 
 import (
-	"GoMapEnum/src/adfs"
 	"GoMapEnum/src/logger"
+	"GoMapEnum/src/modules/adfs"
+	"GoMapEnum/src/orchestrator"
 	"errors"
 
 	"github.com/spf13/cobra"
@@ -34,7 +35,11 @@ go run main.go bruteSpray adfs -t adfs.contoso.com -u [email protected]  -p A
 		adfsOptions.NoBruteforce = noBruteforce
 		adfsOptions.Sleep = sleep
 		adfsOptions.Proxy = proxy
-		adfsOptions.Brute()
+
+		orchestratorOptions := orchestrator.Orchestrator{}
+		orchestratorOptions.PreActionBruteforce = adfs.CheckTarget
+		orchestratorOptions.AuthenticationFunc = adfs.Authenticate
+		validUsers = orchestratorOptions.Bruteforce(&o365Options)
 	},
 }
 

src/azure/userEnum.go

@@ -6,24 +6,34 @@ import (
 	"net/http"
 	"net/url"
 	"os"
+	"strings"
 
 	"github.com/spf13/cobra"
 )
 
 var level logger.Level
 var verbose bool
 var debug bool
+var output string
 var noBruteforce bool
 var sleep int
 var proxy func(*http.Request) (*url.URL, error)
 
 var proxyString string
+var validUsers []string
 
 // BruteSprayCmd represents the bruteSpray command
 var BruteSprayCmd = &cobra.Command{
 	Use:   "bruteSpray",
 	Short: "Spray a password or bruteforce a user's password",
 	Long:  `Different services are supported. The authentication could be on an ADFS instance, an o365 or an OWA.`,
+	PersistentPostRun: func(cmd *cobra.Command, args []string) {
+		if output != "" {
+			if err := os.WriteFile(output, []byte(strings.Join(validUsers, "\n")), 0666); err != nil {
+				fmt.Println(err)
+			}
+		}
+	},
 }
 
 func init() {
@@ -32,6 +42,7 @@ func init() {
 	cobra.OnInitialize(initProxy)
 	BruteSprayCmd.PersistentFlags().BoolVarP(&verbose, "verbose", "v", false, "Verbose")
 	BruteSprayCmd.PersistentFlags().BoolVar(&debug, "debug", false, "Debug")
+	BruteSprayCmd.PersistentFlags().StringVarP(&output, "output-file", "o", "", "The out file for valid emails")
 	BruteSprayCmd.PersistentFlags().BoolVarP(&noBruteforce, "no-bruteforce", "n", false, "No spray when using file for username and password (user1 => password1, user2 => password2)")
 	BruteSprayCmd.PersistentFlags().IntVarP(&sleep, "sleep", "s", 0, "Sleep in seconds before sending an authentication request")
 	BruteSprayCmd.PersistentFlags().StringVar(&proxyString, "proxy", "", "Sleep in seconds before sending an authentication request")

src/cmd/brute/adfs.go

@@ -2,7 +2,8 @@ package brute
 
 import (
 	"GoMapEnum/src/logger"
-	"GoMapEnum/src/o365"
+	"GoMapEnum/src/modules/o365"
+	"GoMapEnum/src/orchestrator"
 	"errors"
 	"strings"
 
@@ -35,7 +36,15 @@ By default, if one account is being lock, the all attack will be stopped.
 		o365Options.Proxy = proxy
 		o365Options.NoBruteforce = noBruteforce
 		o365Options.Sleep = sleep
-		o365Options.Brute()
+
+		orchestratorOptions := orchestrator.Orchestrator{}
+		orchestratorOptions.CustomOptionsForCheckIfValid = o365.PrepareOptions
+		orchestratorOptions.AuthenticationFunc = o365.Authenticate
+		orchestratorOptions.UserEnumFunc = o365.UserEnum
+		// To check if the user is valid
+		orchestratorOptions.CheckBeforeEnumFunc = o365.CheckTenant
+		orchestratorOptions.AuthenticationFunc = o365.Authenticate
+		validUsers = orchestratorOptions.Bruteforce(&o365Options)
 	},
 }
 

src/cmd/brute/bruteSpray.go

@@ -2,7 +2,8 @@ package brute
 
 import (
 	"GoMapEnum/src/logger"
-	"GoMapEnum/src/owa"
+	"GoMapEnum/src/modules/owa"
+	"GoMapEnum/src/orchestrator"
 
 	"github.com/spf13/cobra"
 )
@@ -26,17 +27,23 @@ go run main.go bruteSpray owa -u [email protected] -p Automn2021! -t mail.con
 		owaOptions.Proxy = proxy
 		owaOptions.NoBruteforce = noBruteforce
 		owaOptions.Sleep = sleep
-		owaOptions.Brute()
+
+		orchestratorOptions := orchestrator.Orchestrator{}
+		orchestratorOptions.PreActionBruteforce = owa.PrepareBruteforce
+		orchestratorOptions.CustomOptionsForCheckIfValid = owa.PrepareOptions
+		validUsers = orchestratorOptions.Bruteforce(&owaOptions)
 
 	},
 }
 
 func init() {
 
+	owaCmd.Flags().BoolVarP(&o365Options.CheckIfValid, "check", "c", true, "Check if the user is valid before trying password")
 	owaCmd.Flags().StringVarP(&owaOptions.Users, "user", "u", "", "User or file containing the emails")
 	owaCmd.Flags().StringVarP(&owaOptions.Passwords, "password", "p", "", "Password or file containing the passwords")
 	owaCmd.Flags().StringVarP(&owaOptions.Target, "target", "t", "", "Host pointing to the OWA service")
-	owaCmd.Flags().IntVar(&owaOptions.Thread, "thread", 2, "Number of threads ")
+	owaCmd.Flags().IntVar(&owaOptions.Thread, "thread", 2, "Number of threads")
+	owaCmd.Flags().BoolVar(&owaOptions.Basic, "basic", false, "Basic authentication instead of NTLM")
 	owaCmd.MarkFlagRequired("user")
 	owaCmd.MarkFlagRequired("password")
 	owaCmd.MarkFlagRequired("target")

src/cmd/brute/o365.go

@@ -1,8 +1,9 @@
 package enum
 
 import (
-	"GoMapEnum/src/azure"
 	"GoMapEnum/src/logger"
+	"GoMapEnum/src/modules/azure"
+	"GoMapEnum/src/orchestrator"
 
 	"github.com/spf13/cobra"
 )
@@ -23,7 +24,10 @@ var azureCmd = &cobra.Command{
 		log.Info("Starting the module Azure")
 		azureOptions.Log = log
 		azureOptions.Proxy = proxy
-		validUsers = azureOptions.UserEnum()
+
+		orchestratorOptions := orchestrator.Orchestrator{}
+		orchestratorOptions.UserEnumFunc = azure.UserEnum
+		validUsers = orchestratorOptions.UserEnum(&azureOptions)
 	},
 }
 

src/cmd/brute/owa.go

@@ -2,7 +2,8 @@ package enum
 
 import (
 	"GoMapEnum/src/logger"
-	"GoMapEnum/src/o365"
+	"GoMapEnum/src/modules/o365"
+	"GoMapEnum/src/orchestrator"
 	"errors"
 	"strings"
 
@@ -31,7 +32,10 @@ var o365Cmd = &cobra.Command{
 		log.Info("Starting the module O365")
 		o365Options.Log = log
 		o365Options.Proxy = proxy
-		validUsers = o365Options.UserEnum()
+		orchestratorOptions := orchestrator.Orchestrator{}
+		orchestratorOptions.CheckBeforeEnumFunc = o365.CheckTenant
+		orchestratorOptions.UserEnumFunc = o365.UserEnum
+		validUsers = orchestratorOptions.UserEnum(&o365Options)
 	},
 }